AT&T AlienVault USM Review

It has allowed us to gain a better understanding of how data flows within our network


How has it helped my organization?

It has allowed us to gain a better understanding of how data flows within our network, and has helped us think about what type of things we want to be alerted on, or not alerted on.

What is most valuable?

AlienVault provides you with a unified view for all aspects of what is going on in your environment. It allows you to define what alerts you want to see, or not to see, as well as if you want them grouped, or ungrouped.

What needs improvement?

The reporting aspect could be improved. While there are a lot of different options available, there are still pieces which are missing. The views are also very static and do not give you a lot of options on how the data is presented.

What do I think about the stability of the solution?

No, the product is stable.

What do I think about the scalability of the solution?

No, our network has stayed for the most part the same. In the future, it should be scalable with additional sensors.

How is customer service and technical support?

Customer Service:

This is an area that could be improved.

Technical Support:

This is an area that could be improved. However, once you get a knowledgeable tech support person, they are good to work with.

Which solutions did we use previously?

No, this is our first SIEM device.

How was the initial setup?

Both. It was simple to just get up and running. However, when you start tweaking it for your organization it gets more complex.

What about the implementation team?

A little bit of both. The vendor team's expertise was amazing. I highly recommend using them.

What was our ROI?

The time that it would take to manually investigate events versus looking at one dashboard.

What's my experience with pricing, setup cost, and licensing?

Definitely get professional services.

Which other solutions did I evaluate?

Darktrace and QRadar.

What other advice do I have?

Once set up, for the most part, it is a "set it and forget it" solution. There is some upkeep with making sure all the things are monitored, but other than that AlienVault provides what you need out-of-the-box.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 Comment
author avatarTami Andrews
Vendor

Thank you David for your time to review AlienVault USM and for your candid feedback!

Guest
Sign Up with Email